Standard IP Access Lists

Access lists are used to organize and administrate access of network traffic. Access lists can be used to fix the network security policies. When the lists are constructed they can be used to control incoming or out going traffic of data at any edge.

Basic Rules for IP Access Lists

Some important rules for a packet of data when it is being compared with an access list:

•    It is compared in a line sequence from 1st to last
•    It is only compared till it matches to some list. As it is matched then the comparison is stopped.
•    When the packet does not match any access list then it is discarded.

Standard access lists:

The standard IP access lists use basic IP address in a packet to clean the entire system. This phenomenon permits or denies a complete protocol group.
Inbound access lists:

The data packages are processed by the inbound list prior to set for routing by the outbound line.

Outbound access lists:

The data packages are routed to the outbound border and then passed through the outbound access list.
Points for creating Access Lists

There is only permission of one access list per interface.

Access lists must be well organized so that more important tests are on the top of the access list.

The latest statement added by you will be at the bottom of the access list

There is no possibility of removing or editing only a single line. The complete access list is removed or edited.

The “permit” command should be present in the list otherwise the data packets would be discarded.

After you have created the access list then apply it to an interface. Access list that is implemented to an interface will not be able to filter traffic in the network.

The IP standard access list should be placed nearest to the destination.